This looks like a big one. All Intel processors from the last ten years or so are affected. Microsoft, Apple and Linux are all pushing out security updates over the next few days to work around the flaw. This will result in a performance hit of a few percent up to as much as thirty percent depending on the application. AMD processors aren't affected.

My understanding is that the flaw allows applications to probe kernel memory in a round-about way and this allows data from different processes to be read by other applications. In principle this could allow some code running in a browser to read passwords and similar being used by other programs running at the same time. Linus has christened the Linux kernel update with the acronym FUCKWIT. He's obviously not amused.

AMD shares are up 7% and Intel shares down 4%. The CEO of Intel is rumored to have recently sold a huge part of his Intel stock. This is insider trading in some form and sucks.

There are also rumors that Intel insiders have known about the flaw for at least the last five years but have been told to keep quiet "while a solution is sought." The fact that Microsoft, Linux, and Apple have been secretly working on a work-around for the last few months probably means that Intel have now given up on the idea of fixing the problem by a processor microcode update.

There either has been, or has threatened to be, some kind of security exploit based around the hardware flaw - and the details about that were likely to leak into the public domain eventually.

Not mentioned yet is that every Intel processor is going to take a 15-30% performance hit. Which, while annoying for the average user, means giant cloud services that use Intel just lost 30% of the capability overnight. The reason for the hit is that the patch is a workaround, sacrificing clock cycles to make sure things are secure.

I did mention it in the OP. I think the performance hit is being hyped right now. Once the patches have been rolled out, I'm sure we'll see "before and after" benchmarks that measure the actual performance hit for various types of application.

Symptom:
Windows Update History reports that KB4054517 failed to install because of Error 0x80070643.

Workaround:
Even though the update was successfully installed, Windows Update incorrectly reports that the update failed to install. To verify the installation, select Check for Updates to confirm that there are no additional updates available.

You can also type About your PC in the Search box on your taskbar to confirm that your device is using the expected OS build.

Microsoft is working on a resolution and will provide an update in an upcoming release.

Eben Upton (Raspberry Pi founder) posted a good explanation of the processor flaws and why the Raspberry Pi is immune (basically because it uses an older version of the ARM core that doesn't do any/as much speculative execution as more modern Intel/AMD/ARM chips).

Although all the newer chips from all the manufacturers are vulnerable to some extent, it's still Intel chips that have the greatest vulnerabilities and will slow down the most when patches are applied to work around the flaws. The only real answer to the security problem without slowing things down is a complete redesign of the way speculative execution (hence 'Spectre') is carried out by all modern multi-core chips. This will likely take years.

Headline says it all. Apparently the systems with the (old) AMD processors that are being bricked aren't vulnerable to the flaws in the first place - so they don't even need patching! Microsoft have now put a brake on the update so that it aborts if it recognizes certain non-Intel microprocessors.

I love the comment complaining to Microsoft that says, "I understand that making the machine unbootable is the best protection from remote exploitation, but I would rather have the OS working."

There's also some trickiness about certain anti-virus software preventing the update from being applied - the only Windows PCs I use have the standard Microsoft anti-virus stuff (Defender or Security Essentials) so they've been okay.

Chris confirms that even after applying all browser and Operating System patches (which will have happened by now if you have auto-update on) your PCs, tablets and phones still aren't totally secure. His advice is that when entering sensitive data (such as for on-line banking) you should cycle power before and after doing that, and not do any other on-line stuff in the same session that you've entered the sensitive data.

This applies to phones and tablets as well as PCs - most of us don't turn these off normally, partly because it takes them ages to reboot.

Another option is to use a Raspberry Pi for your really sensitive data sessions - the Pi is probably capable of running most browser-based on-line banking things, and it's immune to the Spectre and Meltdown flaws.

Interesting that he says 2018 will be the first year in computing history where, on average, computers become slower. He also predicts that computer and chip manufacturers will use these flaws to drive a marketing surge once new immune processors are developed.